Home Insights Supply Chain Fulfilling German supply chain due diligence act obligations
Cover for German supply chain

Fulfilling German supply chain due diligence act obligations

Recent sustainability legislations and regulations make due diligence a business imperative for effective supply chain management. Increasingly, regulations and local government bodies are regulating how enterprises must approach, operate, and report on their supply chain operations, both directly and within their extended value chain. While our earlier blog post on ESG initiatives discussed sustainability of the supply chain in general, in this article, we’ll delve into the German Supply Chain Due Diligence Act (SCDDA, and in German, Lieferkettensorgfaltspflichtengesetz or LkSG) and explore:

  • What the act regulates and what obligations it sets forth
  • How to leverage technology to ensure compliance with the act’s requirements

While this discussion primarily focuses on the manufacturing industry, including hi-tech, retail, and CPG sectors, it offers valuable insights for any businesses that need to comply with the German Supply Chain Due Diligence Act. The content draws from Grid Dynamics’ expertise in supply chain, custom development, and digital transformation, highlighting the role of technology in response to the act’s implications.

Figure 1: Protecting human rights and environment throughout global supply chains. Source: Bundesregierung
Figure 1: Protecting human rights and environment throughout global supply chains. Source: Bundesregierung

Impact of German supply chain due diligence act on enterprises

The German Supply Chain Due Diligence Act (SCDDA) broadens the scope of corporate responsibility beyond their immediate business operations to encompass both their direct and indirect suppliers. Companies are required to demonstrate that they have taken appropriate measures and made every effort to prevent human rights violations within their supply chain.

Starting on January 1, 2023, the act applies to companies with a workforce of at least 3000 employees, and as of January 1, 2024, it will also impact companies with 1000 or more employees operating in Germany. These obligations extend to various categories of employees, including those posted abroad, part-time employees, senior staff, and special groups such as individuals on probation or maternity leave. Furthermore, the act encompasses all forms of affiliated enterprises as defined by the Stock Corporation Act, section 15, thereby making its obligations relevant for companies indirectly falling under this purview.

This leads us to consider a series of changes that enterprises and multinational companies with branches registered in Germany must incorporate to ensure compliance. Let’s explore these changes in more detail.

Operational impact of corporate due diligence obligations

The SCDDA necessitates companies to enact updates in three primary areas to mitigate or prevent human rights-related and environment-related risks. These areas of change are as follows:

Area Changes

Table 1: Changes introduced by the German Supply Chain Due Diligence Act, categorized by areas

The act delineates various risks that may arise within the supply chain while fulfilling obligations related to the protection and respect for human rights. These risks encompass the prohibition of child labor, slavery, forced labor, occupational safety, freedom from discrimination, and more. Additionally, the act addresses certain environmental risks that can lead to human rights violations, as outlined in international agreements such as:

  • The Stockholm Convention on Persistent Organic Pollutants;
  • The Minamata Convention on Mercury; and
  • The Basel Convention on the Control of Transboundary Movements of Hazardous Wastes and Their Disposal.

Companies are mandated to submit an annual report documenting their compliance with due diligence obligations. It is likely that a majority of affected enterprises are already in the process of implementing these changes. Let’s now discuss potential challenges that may hinder timely fulfillment of these obligations.

Hidden roadblock on the plan-to-fulfillment path

When considering the extensive data collection required across various channels, it becomes evident that technology represents the most vulnerable aspect of the implementation plan. But why is this the case?

Risk analysis relies heavily on data, and accurate decision-making necessitates precise inputs. Reporting, too, depends on verifiable and trustworthy information. It’s important to recognize that the majority, if not all, of the obligations associated with the SCDDA require comprehensive data analysis and increased digitization to ensure their fulfillment

Companies are indeed taking steps to implement necessary changes. However, due to the timeline involved, the technology domain proves to be the most challenging in terms of both ensuring that all required updates are in place and allowing sufficient time for testing and the rollout of new technology and integrations.

Therefore, let’s delve into the essential technological solutions required to effectively track, analyze, and report compliance with the SCDDA.

How to leverage technology to prepare for the German supply chain due diligence act regulations?

From a technical perspective, cloud modernization, data lakes, analytics and risk assessment can be used as enablers of SCDDA compliance. As previously discussed in the redesigning supply chain for resilience article, some practices are widely acknowledged as best-in-class. However, there exists a certain reluctance when it comes to investing in these practices. Consequently, this hesitance can impact both the scope and timeliness of implementation, leading to delayed responses and missed opportunities.

This hesitation is, nonetheless, understandable, given the constant competitive pressures and the need to allocate operational and financial resources across conflicting priorities. Therefore, the following sections will delve into specific technological applications that not only empower compliance with regulations but also contribute to strengthening overall operations.

Accelerate digital transformation

Digital transformation plays a pivotal role in transitioning away from paper-based processes, implementing supplier self-service tools, and establishing automation to identify gaps and risks within the supply chain. Shifting towards cloud-based solutions and advanced technologies not only addresses the requirements of the SCDDA but also enhances overall business efficiency.

Here are several areas where digital transformation is particularly relevant for achieving compliance with SCDDA regulations:

  1. For data collection and analysis:
    1. Utilizing IoT (Internet of Things) and data analytics
    2. Analyzing feedback from employees, customers, and social media sentiment
    3. Enhancing financial reporting transparency
  2. For risk identification and reporting:
    1. Leveraging data analytics and AI/ML (Artificial Intelligence/Machine Learning)
    2. Detecting anomalies and outliers with rule-based alerting
    3. Implementing trained models for monitoring specific use cases
    4. Developing supplier intelligence and risk profiles
    5. Enabling standardized reporting
  3. For resource optimization and waste management:
    1. Optimizing inventory management
    2. Enhancing control over transportation
    3. Optimizing product lines
  4. For workforce management:
    1. Implementing feedback systems
    2. Enhancing workforce management processes
    3. Reducing travel-related emissions and costs
    4. Focusing on training and education
  5. For strategic partnerships:
    1. Establishing transparent communication and reporting
    2. Collaborating closely with the supplier base

It’s important to note that each of these areas serves as a pillar for optimizing overall operations. For instance, consider the case study, Loss prevention with AI-powered IoT analytics platform, which uncovered projected revenue opportunities totaling $250 million. This underscores the significant potential benefits of digital transformation across various facets of the supply chain.

Supplier risk management

Effective management of suppliers and direct customers necessitates the use of advanced decision support tools. As an integral component of a compliance strategy for the German Supply Chain Due Diligence Act, it is imperative to develop intelligent tools that harness machine learning (ML) and optimization algorithms. These tools are designed to identify the most efficient sourcing and logistics options, representing a crucial undertaking.

Companies can adopt this approach as they conduct risk due diligence on targeted suppliers within their supply base, categorizing them by country, commodity, and other relevant factors while digitally mapping the supply chain. This comprehensive method ensures that regular risk analyses encompass the diverse landscape, including the parent company and direct suppliers. The primary focus should be on segments that are most susceptible to human rights-related, labor rights-related, or environmental violations or damage.

By collecting data directly from the source, the monitored information should be consolidated into a comprehensive insights dashboard. This dashboard should feature automated alerting mechanisms based on critical event-based signals. Consequently, responsible personnel will have the means to promptly assess risks and devise preventive measures in response.

Build system integrations across systems and suppliers

As companies establish a centralized supplier repository to meet the requirements of SCDDA and integrate it into various enterprise systems, they encounter integration challenges inherent in diverse and heterogeneous corporate IT landscapes.

Consider, for instance, the documentation and reporting obligations stipulated by the SCDDA: “The fulfillment of the due diligence obligations pursuant to section 3 must be continuously documented within the enterprise.” Breaking this down into specific areas covered by the act, risk analyses, tracking, and management encompass:

  • Finance and accounting
  • Procurement
  • Execution
  • Inventory and warehouse management
  • Production and manufacturing process systems

This list is by no means exhaustive, as it does not account for the supplier systems involved.

As mentioned in the “Accelerate digital transformation” section above, such integration efforts serve not only to ensure data accuracy, establish a robust audit trail, and enhance visibility for regulatory reporting but also to drive efficiency, scalability, and the management of supplier relationships within the broader supply chain context.

Explore more in-depth material on this topic in the Supply chain monitoring for proactive supplier risk management article.

Configure custom dashboards and alerts

To effectively address the risk assessment and due diligence aspects of the source-to-pay process, companies must customize risk views and alerts to align with their specific business needs, individual supplier relationships, and various roles within the organization. These tailored views should be accessible to authorized personnel who may be affected and should provide sufficient contextual information for making informed decisions regarding preventive measures without undue delay. Implementing this functionality would entail the following steps:

  • Data integration: Ingesting data from multiple sources to provide a comprehensive view of relevant information.
  • Machine Learning and real-time analysis: Learning from historical data and analyzing real-time data using a combination of algorithms that account for multiple entities or processes.
  • Event sequence analysis: Analyzing event sequences to detect human rights and environment-related risks effectively.

The alerting system must be designed to be highly efficient, minimizing the effort required to review false positive cases, particularly given the relative rarity of risk events. The conceptual workings of such a system are depicted in Figure 2:

Figure 2: Generalized view of risk assessment alerting
Figure 2: Generalized view of risk assessment alerting


While this article examines the technology requisites pertaining to the SCDDA regulations, this section gathers some prominent summaries of key questions and answers about the act itself.

What is the German supply chain Act?

The German Supply Chain Due Diligence Act, also referred to as SCDDA and Lieferkettensorgfaltspflichtengesetz (LkSG), aims to reduce environmental impact and prevent human rights violations within the global supply chains of companies. The Act came into effect in January 2023 and currently applies to companies with more than 3,000 employees. However, starting in 2024, it will also encompass companies with more than 1,000 employees, including their direct suppliers. This expansion means that a significant number of global companies and their suppliers will fall under its purview.

Who needs to comply with the German supply chain due diligence Act?

Compliance with the German SCDDA is not limited to German companies; it extends to global companies with a substantial presence in terms of the number of employees or branch offices. Subsidiaries of foreign groups must also adhere to the Act’s due diligence obligations

What are the German supply chain act obligations?

The SCDDA mandates that companies implement measures not only within their own business areas but also concerning their direct suppliers and, in certain cases, even their indirect suppliers, particularly if there are indications of violations. In summary, it requires the following:

  1. Establishing a risk management system.
  2. Designating compliance responsibility within the company.
  3. Performing regular risk analyses.
  4. Issuing a policy statement.
  5. Establishing preventive measures within the parent company and in relation to any direct suppliers.
  6. Taking remedial measures and action.
  7. Establishing a complaints procedure.
  8. Implementing due diligence obligations with respect to risks at indirect suppliers.
  9. Providing documentation and reporting.

What dates are important for the German supply chain due diligence Act?

  • June 2021: German parliament passes the Act.
  • January 2023: The Act’s regulations come into force for enterprises with more than 3,000 employees.
  • January 2024: German Supply Chain Due Diligence Act regulations come into force for enterprises with more than 1,000 employees.
  • 2026: The German government will evaluate the Act’s effectiveness.

What does noncompliance with SCDDA requirements mean?

Noncompliance with SCDDA requirements can result in:

  • Monetary penalties of up to €8 million, depending on the nature and severity of the violation.
  • Fines of up to 2% of average annual revenues for companies with an average annual revenue exceeding €400 million.
  • Exclusion from German public tenders for up to three years.
  • Damage to the company’s brand and potential revenue loss.

What other ESG due diligence laws and regulations exist?

The number of acts, regulations, and government-led initiatives for environmental, social, and governancegrows constantly. You can find some overarching lists at Corporate sustainability due diligence(from the European Commission) and Federal Sustainability Requirements and Guidelines. For specific laws or regulations, visit official resources for up-to-date information on requirements.

Final thoughts

No two supply chains are identical, and the extent of their impact under SCDDA likely varies from case to case. Consequently, it’s highly probable that companies will approach the fulfillment of the Act’s obligations with caution.

However, regardless of the unique circumstances, there are several critical points to consider when integrating the regulatory changes introduced by the new supply chain act:

  • Extraterritorial reach: Government regulations apply even if a business is not headquartered in Germany, and they extend to Tier 1 Suppliers as well.
  • Consequences of noncompliance: Noncompliance carries severe penalties in addition to potential damage to the brand’s reputation.
  • Technical adjustments: Meeting compliance requirements necessitates technical changes to ensure compliance, establish an audit trail, and meet reporting requirements.
  • Accelerated digitization: Compliance will require an accelerated digitization of business processes, especially in supplier management. This entails building integrations across diverse enterprise systems, such as supplier lifecycle management, procurement systems, ERP, and more.

Grid Dynamics offers over 16 years of experience in developing cloud-native applications, a track record of creating effective dashboards and alert systems, and expertise in intelligent AI/ML tools. We are here to assist you in this journey.

Feel free to reach out to our technical and thought leadership teams to discuss your specific business case, explore value-driven solutions, and achieve rapid results. We draw upon our expertise in supply chain excellence and a history of successful implementations, spanning various project sizes.

Get in touch

We'd love to hear from you. Please provide us with your preferred contact method so we can be sure to reach you.

    Fulfilling German supply chain due diligence act obligations

    Thank you for getting in touch with Grid Dynamics!

    Your inquiry will be directed to the appropriate team and we will get back to you as soon as possible.


    Something went wrong...

    There are possible difficulties with connection or other issues.
    Please try again after some time.